Oracle Linux Kernel Security Updates Address Multiple Vulnerabilities

Severity: High (Score: 71.2)

Sources: Linuxsecurity

Published: 2026-06-04 · Updated: 2026-06-04

Keywords: elsa-2026, client, reject, userspace, cifs, spnego, descriptions

Summary

On June 4, 2026, Oracle released multiple security advisories for its Linux kernels across various versions. The updates address critical vulnerabilities, including CVE-2026-46300 and CVE-2026-46333, affecting Oracle Linux 7, 8, and 9. These vulnerabilities could allow for denial of service and privilege escalation, impacting users of Oracle's enterprise systems. The updates include patches for issues such as improper handling of network packets and memory management flaws. The advisories emphasize the importance of applying the updates to mitigate potential exploitation. Affected systems include Oracle Linux 5.4, 5.15, and 6.12 kernel versions. Security professionals are urged to prioritize these updates to protect their environments from potential attacks.

Key Points:

  • Oracle released critical kernel updates for Linux versions 7, 8, and 9 on June 4, 2026.
  • The updates address vulnerabilities CVE-2026-46300 and CVE-2026-46333, which pose risks of denial of service and privilege escalation.
  • Security professionals are advised to apply the patches immediately to mitigate risks.

Detailed Analysis

**Impact** Oracle Linux users across versions 7, 8, and 9 are affected by multiple kernel vulnerabilities, potentially impacting enterprise environments relying on these systems globally. The vulnerabilities could lead to privilege escalation, denial of service, or information disclosure, affecting sectors that depend on Oracle Linux for critical infrastructure. No specific data breach or exploitation numbers are provided in the sources.

**Technical Details** The vulnerabilities include issues in SMB client handling (CIFS SPNEGO descriptions), skbuff marker propagation (CVE-2026-46300), ptrace dumpable logic (CVE-2026-46333), and an AMD CPU fix (CVE-2025-54518), among others. Attack vectors involve kernel-level flaws exploitable through crafted network packets or local privilege escalation attempts. No malware or active exploitation infrastructure is detailed, nor are IOCs provided.

**Recommended Response** Apply the Oracle Linux kernel updates corresponding to your version immediately: 6.12.0-203.76.x for Oracle Linux 9, 5.15.0-321.202.x for Oracle Linux 8, and 5.4.17-2136.356.x for Oracle Linux 7. Monitor systems for unusual ptrace or SMB client activity and ensure kernel modules are up to date. If patching is delayed, increase logging on network and system calls related to SMB and ptrace usage.

Source articles (6)

  • Important Security Advisory ELSA-2026 — Linuxsecurity · 2026-06-04
    [5.4.17-2136.356.4.1] - smb: client: reject userspace cifs.spnego descriptions (Asim Viladi Oglu Manizada) [Orabug: 39463669] [5.4.17-2136.356.4] - tun: free page on build_skb failure in tun_xdp_one()…
  • Oracle Linux 8 ELSA-2026 — Linuxsecurity · 2026-06-04
    [5.4.17-2136.356.4.1] - smb: client: reject userspace cifs.spnego descriptions (Asim Viladi Oglu Manizada) [Orabug: 39463669] [5.4.17-2136.356.4] - tun: free page on build_skb failure in tun_xdp_one()…
  • Oracle Linux 8 ELSA-2026 — Linuxsecurity · 2026-06-04
    [5.15.0-321.202.5] - Revert "ip6_tunnel: Fix usage of skb_vlan_inet_prepare()" (Harshit Mogalapalli) [Orabug: 39476647] - smb: client: reject userspace cifs.spnego descriptions (Asim Viladi Oglu Maniz…
  • Oracle Linux 9 Kernel Important Security Advisory ELSA-2026 — Linuxsecurity · 2026-06-04
    [5.15.0-321.202.5] - Revert "ip6_tunnel: Fix usage of skb_vlan_inet_prepare()" (Harshit Mogalapalli) [Orabug: 39476647] - smb: client: reject userspace cifs.spnego descriptions (Asim Viladi Oglu Maniz…
  • Oracle Linux 9 Kernel Significant Security Update ELSA-2026 — Linuxsecurity · 2026-06-04
    [6.12.0-203.76.7.1] - smb: client: reject userspace cifs.spnego descriptions (Asim Viladi Oglu Manizada) [Orabug: 39474418] [6.12.0-203.76.7] - tun: free page on build_skb failure in tun_xdp_one() (We…
  • Oracle ELSA-2026 — Linuxsecurity · 2026-06-04
    [6.12.0-203.76.7.1] - smb: client: reject userspace cifs.spnego descriptions (Asim Viladi Oglu Manizada) [Orabug: 39474418] [6.12.0-203.76.7] - tun: free page on build_skb failure in tun_xdp_one() (We…

Timeline

  • 2025-06-28 — CVE-2025-38085 published: Vulnerability assigned a CVE identifier and published in the National Vulnerability Database.
  • 2025-11-12 — CVE-2025-40135 published: Vulnerability assigned a CVE identifier and published in the National Vulnerability Database.
  • 2026-01-25 — CVE-2026-23004 published: Vulnerability assigned a CVE identifier and published in the National Vulnerability Database.
  • 2026-02-14 — CVE-2026-23193 published: Vulnerability assigned a CVE identifier and published in the National Vulnerability Database.
  • 2026-02-14 — CVE-2026-23207 published: Vulnerability assigned a CVE identifier and published in the National Vulnerability Database.
  • 2026-02-18 — CVE-2026-23216 published: Vulnerability assigned a CVE identifier and published in the National Vulnerability Database.
  • 2026-03-10 — CVE-2026-23240 published: Vulnerability assigned a CVE identifier and published in the National Vulnerability Database.
  • 2026-03-18 — CVE-2026-23249 published: Vulnerability assigned a CVE identifier and published in the National Vulnerability Database.
  • 2026-03-18 — CVE-2026-23270 published: Vulnerability assigned a CVE identifier and published in the National Vulnerability Database.
  • 2026-03-18 — CVE-2026-23251 published: Vulnerability assigned a CVE identifier and published in the National Vulnerability Database.

CVEs

  • CVE-2025-38085
  • CVE-2025-40135
  • CVE-2025-54518
  • CVE-2025-71273
  • CVE-2025-71274
  • CVE-2025-71286
  • CVE-2025-71297
  • CVE-2026-23004
  • CVE-2026-23193
  • CVE-2026-23207
  • CVE-2026-23216
  • CVE-2026-23240
  • CVE-2026-23249
  • CVE-2026-23250
  • CVE-2026-23251
  • CVE-2026-23270
  • CVE-2026-23309
  • CVE-2026-23381
  • CVE-2026-23443
  • CVE-2026-31402
  • CVE-2026-31413
  • CVE-2026-31513
  • CVE-2026-31514
  • CVE-2026-31552
  • CVE-2026-31628
  • CVE-2026-31693
  • CVE-2026-43123
  • CVE-2026-43126
  • CVE-2026-43128
  • CVE-2026-43130

Related entities

  • CWE-122 - Heap-based Buffer Overflow (CWE)
  • CWE-416 - Use After Free (CWE)
  • 203.76.7.1 (IPv4)
  • Linux (Platform)
  • Oracle Linux (Platform)